Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Added support for RFC7616 - HTTP Digest access authentication #1934
3 times, most recently
Sep 30, 2017
I am working on the CI errors now. The sha256 implementation is from here: https://github.com/B-Con/crypto-algorithms/blob/master/sha256.c, but I had to change the function names and protoypes to match the ones from openssl.
CI seems to give this error which I am not sure how to go around:
error: ./../docs/libcurl/libcurl-tutorial.3:628: use \fI before curl_slist_free_all(3)
It is failing test 1140.
"This code is released into the public domain free of any restrictions. The author requests acknowledgement if the code is used, but does not require it. This code is provided free of any liability and without any quality claims by the author."
Please mention that in the source like "Based on SHA-256 implementation by Brad Conte (brad AT bradconte.com)" and url. Also it is only little endian but we need big endian support as well.
Also does this need to be taken into consideration:
"Note that these are not cryptographically secure implementations. They have no resistence to side-channel attacks and should not be used in contexts that need cryptographically secure implementations."
Should be fixed in 753a5da, can you rebase on master and let the CI run again?
The ideal solution would be to use the sha256 implementation that's already in the TLS library that's most likely used as well, which is how the keypinning code does it. OpenSSL is also Apache 2 these days and before that they had another GPL incompatible license so that's not ideal either. The best licenses for us would be MIT or BSD.
Awesome, can you look into creating a test case or two as well?
I suppose this code path is triggered automatically based on the header contents, so there's really nothing particular to document? Maybe CURLOPT_HTTPAUTH.3 and CURLOPT_PROXYAUTH.3 at least needs a mention somewhere that we support the RFC7616 style starting with 7.57.0 ?
Finally, good work Florin :)